Da das Projekt ein wenig Interesse aus internationalen Kreisen bekommen hat sind die Informationen in Englisch besser zugänglich. Wer Fragen dazu hat wendet sich bitte an Pepi!
Since the project gained some interest by international people the documentation is available to a broader audience when in english. If you have questions, please contact Pepi!

WTF?

The average Desktop PC has a lot of components which I deem unnecessary for a network-only device. Like a graphics card, audio components, harddrive, etc. I wanted to build a Tor node that can act as a relay or bridge based on efficient embedded hardware instead of an electricity-hungry general purpose PC. Think green-IT.

If you don't know what Tor is, you should read up on the Tor-Overview which is also available in german as Tor-Überblick and many other languages.

The Hardware: ALIX 3D2 Single Board Computer

I've chosen an ALIX 3D2 SBC by swiss manufacturer PC-Engines as the main component. You can get this board for about 75,- € (plus VAT.). From the manufacturer you can also get a PDF of the schematics of the board if you want to dig deeper.

The operating system is booted from a Compact Flash card which is mounted on the bottom side of the PCB. I've been working with 2GB cards from SanDisk, but most quality CF cards should work just fine. I haven't yet done a build for 1GB cards, but it should be enough space for everything.

The Operating System: nanoBSD

I've evaluated many different OS for this device. It can run almost any OS that is available for the i386 platform including many Linux flavors, *BSD and even exotic stuff like Windows. My operating of choice for the project is nanoBSD which is a special flavor of FreeBSD for embedded devices.
Since we are booting from flash memory, which doesn't like too many write cycles, this is the perfect choice as everything runs read only during normal operation. (Wear leaving of modern flash memories has reduced the write cycles problem of flash memory. Modern CF cards do not suffer from this anymore in my experience.) Yet it's still nice to have a read only system. You don't have to worry about corrupting your filesystem by a power outage. You can just pull-the-plug and nothing will happen to your system. It will just boot up again once power comes back.
Another advantage of nanoBSD over Linux is that it will just boot up even if the realtime clock is not yet set correctly, skipping unnecessary boot delays because of fsck. nanoBSD will set the clock via ntp after obtaining an IP via DHCP. Keep in mind that this system board does not come with a backup battery for the clock (and we actually do not need one).

Building the OS

This has been the hardest part of the project. The nanoBSD build process is not the most simple thing in the world, especially when you're not yet acquainted with it. But steep learning curves are great, because you get to learn a lot in a very short time. One basically needs two files for the build process. A system configuration and a kernel configuration. I'll put them up very soon, so you can start building your own nodes. I also want to provide prebuilt CF images which you can simply dd to a fresh card to get going very quickly.

You can download these from one of the many FreeBSD mirrors.
The architecture you need is i386 and the Release version is 8.0.

You can also download a prebuilt nanoBSD image for a 2GB CF card.

Be aware that some of these development builds have SSH enabled and there is an empty root password!Do not connect this device to the internet without changing the password for root and making sure it sticks across reboots!

TODO

Things I haven't yet solved… Please contact me if you can help with any of these!

Things still needed for a deployable prototype:

Automatically copy torrc and cryptographic identity from a USB stick at boot up when the system is missing them.

Things needed to do to optimize security on the system:

Expert users of FreeBSD/nanoBSD should glance over the configuration used for the project and suggest (and hopefully help to implement) stuff needed to further secure the system.

improve documentation

Things needed to optimize performance:

Further remove things from the configuration that we do not need for operation. The smaller the installation and kernel are, the faster it will work and the faster the build process will be as well. (Currently 40 minutes on a quad Xeon 2.26)

Test node on a link with some bandwidth.

Test if the Soekris vpn1411 crypto accelerator board works with nanoBSD 8 (it should) and if you can have two of these boards in a node.

Test power consumption (PC-Engines specify about 5 Watts for the plain board)

Random stuff:

Better pictures

Better documentation

Better build instructions

DIY video: How to build your own

Get a green Tor-Shirt

Laser engraving on the enclosure

Self Update mechanism (nanoBSD directly supports this, how can I make this easily available for the users?)

Frontside view with RJ45 (ethernet), power jack, RS232 serial connector The LED (green) cuttings are below the right antenna plug. The holes for optional WiFi antennas have been protected with rubber plugs.

Thanks

Thanks to kyrah for her mental support during times of hair pulling struggle and worldi on ##FreeBSD for sharing his knowledge about FreeBSD package management and the nanoBSD build process. Also thanks to all the folks who wrote documentation about nanoBSD.